Releases: aquasecurity/trivy
v0.21.3
Changelog
8e57dee fix(docs): typo (#1488)
8bfbc84 feat(plugin): Add option to update plugin (#1462)
1e811de fix: fixed skipFiles/skipDirs flags for relative path (#1482)
8b5796f feat (plugin): add list and info command for plugin (#1452)
a2199bb fix: set up a vulnerability severity (#1458)
279e76f chore: add arm64 deb package (#1480)
5262590 Link to trivy tutorial on Semaphore (#1449)
c275a84 refactor(helm): externalize env vars to configMap (#1345)
Docker images
docker pull aquasec/trivy:0.21.3docker pull ghcr.io/aquasecurity/trivy:0.21.3docker pull public.ecr.aws/aquasecurity/trivy:0.21.3
v0.21.2
Changelog
7beed30 docs: provide more information on scanning Google's GCR (#1426)
f50e1f4 docs(misconfiguration): added instruction for misconfiguration detection (#1428)
3ae4de5 Update git-repository.md (#1430)
6e35b8f fix(hooks): exclude unrelated lib types from system files filtering (#1431)
beb60b0 chore: run go fmt (#1429)
582e7fd fix(sarif): change help field in the sarif template. (#1423)
11bc290 Update fanal with cfsec version update (#1425)
392f689 Replace deprecated option in goreleaser (#1406)
101d576 feat(alpine): support 3.15 (#1422)
bd3ba68 chore: test the helm chart in the PR and used the commit hash (#1414)
3860d6e chore(deps): bump alpine from 3.14 to 3.15.0 (#1417)
4f82673 chore(release): add ubuntu older versions to deploy script (#1416)
Docker images
docker pull aquasec/trivy:0.21.2docker pull ghcr.io/aquasecurity/trivy:0.21.2docker pull public.ecr.aws/aquasecurity/trivy:0.21.2
v0.21.1
Changelog
b9a51de chore(mod): tidy (#1415)
7f24834 fix(rpc): fix nil layer transmit (#1410)
af3eaef Lang advisory order (#1409)
07c9200 chore: add support for s390x arch (#1304)
8bc8a4a fix(chart): ingress helm manifest-update trivy image (#1323)
9076a49 docs: Add comparison for cfsec (#1388)
bb316d9 remove: delete unused functions in utils package (#1379)
Docker images
docker pull aquasec/trivy:0.21.1docker pull ghcr.io/aquasecurity/trivy:0.21.1docker pull public.ecr.aws/aquasecurity/trivy:0.21.1
v0.21.0
Changelog
efdb29d fix(sarif): fix validation errors (#1376)
9bcf9e7 docs: add Bitbucket Pipelines (#1374)
3147097 docs: add community integrations (#1361)
33f74b3 Use a stable SARIF identifier (#1230)
5915ffb fix(python): fix parsing of requirements.txt with hash checking mode available in pip since version 8.0
ae4c42b feat(iac): Add line information (#1366)
19747d0 feat(cloudformation): Adding support for cfsec IaC scanning (#1360)
da45061 chore: send debug and info logs to stdout in install.sh, not stderr. (#1264)
cb1a4ed Update containerd to v1.5.7 and docker-cli to v20.10.9 (#1356)
69dae54 chore: update SBOM generation (#1349)
Docker images
docker pull aquasec/trivy:0.21.0docker pull ghcr.io/aquasecurity/trivy:0.21.0docker pull public.ecr.aws/aquasecurity/trivy:0.21.0
v0.20.2
Changelog
5dc8cfe docs: update builtin.md (#1335)
798b564 chore: fix issues with Homebrew formula (#1329)
21bf5e5 chore: bump GoReleaser to v0.183.0 (#1328)
e0f4ebd docs: update iac.md for a typo (#1326)
23a9a5e docs: typo fix (#1308)
1f5d17f Add new networking API features to Ingress (#1262)
Docker images
docker pull aquasec/trivy:0.20.2docker pull ghcr.io/aquasecurity/trivy:0.20.2docker pull public.ecr.aws/aquasecurity/trivy:0.20.2
v0.20.1
Changelog
bcfa028 chore(release): bump up GoReleaser to v0.182.1 (#1299)
681ab1b fix(yarn): support quoted version (#1298)
46051d5 feat(custom-forward): Forward the extended advisory data (#1247)
d8d692b feat(javascript) : Initialize npm driver for javascript packages (#1289)
cc344df fix(cli): fix incorrect comparision of DB metadata type. (#1286)
0dec17f docs: add footer to readme (#1281)
Docker images
docker pull aquasec/trivy:0.20.1docker pull ghcr.io/aquasecurity/trivy:0.20.1docker pull public.ecr.aws/aquasecurity/trivy:0.20.1
v0.20.0
Changelog
f12446d feat(report): add package path (#1274)
1c9ccb5 feat(command): add rootfs command (#1271)
a463e79 fix: update fanal (#1272)
e0ca5ef feat(commands): remove deprecated options (#1270)
1ebb329 Aggregate jar result for table (#1269)
b37f682 BREAKING(report): migrate to new json schema (#1265)
da90510 feat: improve --skip-dirs and --skip-files (#1249)
bd57b4f fix(gobinary): skip large files (#1259)
9027dc3 Disable library analyzer for OS only scan type (#1191)
5750cc2 chore: update trivy version (#1252)
bbcce9f refactor: move from io/ioutil to io and os package (#1245)
6bcb4af fix: brew test command (#1253)
8d13234 fix:added layer info in packages (#1248)
982f35b fix(go/binary): improve debug messages (#1244)
2e170cd Update db.go (#1199)
cc6c67d fix(deps): fix CVE-2021-32760 for github.com/containerd/containerd (#1243)
669fd1f feat(debian): support the versions that reached EOL (#1237)
8cd7de2 feat(alpine): support unfixed vulnerabilities (#1235)
3bf3a46 feat(report): add image config (#1231)
8edcc62 feat(nodejs): support package.json (#1225)
31c45ff refactor: use testing DB instead of mock (#1234)
d8cc8b5 feat(ruby): support gemspec (#1224)
dbc7a83 feat(python): add packaging detector and respective hook (#1223)
19c0b70 feat(license): Added support to new License field of go-dep-parser's library (#1167)
9d61777 fix(oracle): handle advisories contain ksplice versions (#1209)
5d57dea fix(docs): remove OSVDB advisories (#1215)
b595559 docs: fix typos in CONTRIBUTING.md (#1181)
b1410b2 Update EOL of Debian 11 (#1180)
0e777d3 fix(plugin): resolve a closure (#1207)
b6d9c30 docs: fix typo (#1206)
5160a2e fix(detector): change an argument for trivy-db getter (#1203)
40ed227 chore(mod): update fanal (#1179)
2a4400c Add license info to package data (#1176)
82eb630 feat(nuget): support packages.config (#1095)
4a8db20 feat(python): add support for requirements.txt (#1169)
8db9b6a GitLab CI integration documentation (#1168)
c159501 chore(gorelease) change goreleaser config to include template examples (#1138)
76e63d1 chore(deps): bump dmnemec/copy_file_to_another_repo_action (#1153)
79b6684 chore(deps): bump actions/stale from 3 to 4 (#1152)
214fe82 feat(report): add end of service life flag to OS metadata (#1142)
c489e31 chore: set up Dependabot for github-actions and docker (#1128)
efd812c docs: fix typo (#1149)
3a920dc docs: add some external links (#1147)
7cb1598 chore (release): add ubuntu esm versions to deploy script (#1151)
6a88002 docs(troubleshooting) add urls which are required to download vuls db (#1137)
Docker images
docker pull aquasec/trivy:0.20.0docker pull ghcr.io/aquasecurity/trivy:0.20.0docker pull public.ecr.aws/aquasecurity/trivy:0.20.0docker pull aquasec/trivy:latestdocker pull ghcr.io/aquasecurity/trivy:latestdocker pull public.ecr.aws/aquasecurity/trivy:latest
v0.19.2
Changelog
f3f3029 Updated the Alpine Image to 3.14 (latest) (#1130)
0e52fde Added EOL for Ubuntu 21.10 (#1131)
9b3fba0 fix(image): disabled scanning of config files within container images (#1133)
1101634 docs: fixed typo (#1124)
499b7a6 update cyclonedx github action to v0.3.0 (#1127)
Docker images
docker pull aquasec/trivy:0.19.2docker pull ghcr.io/aquasecurity/trivy:0.19.2docker pull public.ecr.aws/aquasecurity/trivy:0.19.2docker pull aquasec/trivy:latestdocker pull ghcr.io/aquasecurity/trivy:latestdocker pull public.ecr.aws/aquasecurity/trivy:latest
v0.19.1
Changelog
cea9b0b fix(policy): fix panic on the first run (#1116)
Docker images
docker pull aquasec/trivy:0.19.1docker pull ghcr.io/aquasecurity/trivy:0.19.1docker pull public.ecr.aws/aquasecurity/trivy:0.19.1docker pull aquasec/trivy:latestdocker pull ghcr.io/aquasecurity/trivy:latestdocker pull public.ecr.aws/aquasecurity/trivy:latest
v0.19.0
Changelog
dea3428 docs(misconf): add comparison with Conftest and tfsec (#1111)
47d600a feat(report): add schema version (#1110)
eae4baf fix(scan): change unknown os from info to debug (#1109)
9e08bd4 docs: add misconfiguration (#1101)
d9883e4 fix(config): rename include-successes with include-non-failures (#1107)
e6f7e55 feat(config): support --trace (#1106)
4b84e79 fix(policy): reduce the Internet access (#1105)
05ae22a chore: bump golangci-lint to v1.41.1 (#1104)
a0e5c3a feat: support config scanning (#931)
712f9eb feat(report): add artifact metadata (#1079)
803b2f9 Generate SBOM (#1076)
92f980f fix(db): multiple prefixed data sources (#1070)
52e98f1 Add EOL date for Alpine 3.14 (#1072)
6cd9a32 suse: mark sle 15.3 as maintained, add opensuse 15.3 (#1059)
03a7366 docs: improve data sources (#1069)
a29d6d8 chore(label): add kind/security-advisory (#1068)
2a08969 fix(asff): replace slice with substr (#1058)
3a94b73 fix(helm-chart): parametrized ingress host path (#1049)
41d000c feat: support Google Artifact Repository (#1055)
78da283 Update ASFF template to use label for severity (#1047)
e362843 BREAKING: migrate to a new JSON schema (#782)
097b8d4 docs: Fix link to AWS Security Hub template (#1046)
3b6122f refactor(server): support gzip (#1045)
f75a369 chore(rpc): update protoc and twirp (#1044)
e4c32cd Added support for list all packages flag in client (#1032)
fb19abd chore: chart with 0.18.3 (#1033)
d2afc20 feat: add gitlab codequality template (#895)
43ff5f9 feat(plugin): add aqua plugin (#1029)
5e6a50b fix(go): if patchedVersion is empty mark it as vulnerable (#1030)
23b9533 docs(ubuntu): fix supported versions (#1028)
d1f8cfc Support Ubuntu 21.04 (#1027)
aa2336b chore: remove codecov (#1016)
e646172 fix typo on github-actions.md (#1022)
Docker images
docker pull aquasec/trivy:0.19.0docker pull ghcr.io/aquasecurity/trivy:0.19.0docker pull public.ecr.aws/aquasecurity/trivy:0.19.0docker pull aquasec/trivy:latestdocker pull ghcr.io/aquasecurity/trivy:latestdocker pull public.ecr.aws/aquasecurity/trivy:latest